Other official information and services: www.belgium.be

WARNING: A CRITICAL VULNERABILITY IS AFFECTING ANGULAR EXPRESSIONS

Referentie:

Advisory #2024-290

Versie:

1.1

Geïmpacteerde software:

Angular Expressions before version 1.4.3

Type:

Execution of Arbitrary Code

CVE/CVSS:

CVE-2024-54152 / CVSS: 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Datum:

11/12/2024

Bronnen

https://github.com/peerigon/angular-expressions/security/advisories/GHSA-5462-4vcx-jh7j

Risico’s

Angular is widely used as a pillar for front-end web development throughout the world.

Angular Expressions provides expressions for the Angular.JS web framework as a standalone module.

The present vulnerability has a HIGH impact on Confidentiality, Integrity and Availability.

Moreover, a Proof-of-Concept exploit has been published, thus rendering the exploitation of this vulnerability a lot easier for attackers.

Beschrijving

CVE-2024-54152 allows an attacker to write a malicious expression that escapes the sandbox to execute arbitrary code on the underlying system.

Aanbevolen acties

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for the vulnerable software mentioned in the present advisory.

Workaround

Two possible workarounds are possible:

Disable access to function "_ proto _" globally.
Make sure to use the function with just one argument.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.

Referenties

https://www.tenable.com/cve/CVE-2024-54152